[[Wikipedia:Nessus (software)|Nessus]] is a powerful vulnerability scanner with over 40000 plugins, covering local and remote flaws.

+

[[Category:Security]]

+

+

[[Wikipedia:Nessus (software)|Nessus]] is a proprietary [[Wikipedia:Vulnerability scanner|vulnerability scanner]] available free of charge for personal use. There are [http://www.tenable.com/plugins/ over 40,000 plugins] covering a large range of both local and remote flaws.

==Installation==

==Installation==

+

Download and extract the {{AUR|nessus}} tarball available in the [[AUR]].

−

Download and extract the taurball from the [[AUR]]:

+

Go to http://tenable.com/products/nessus/nessus-download-agreement, agree to the license, and download the package:

−

+

*32-bit: Nessus-5.2.1-fc16.i386.rpm

−

$ wget https://aur.archlinux.org/packages/nessus/nessus.tar.gz

+

*64-bit: Nessus-5.2.1-fc16.x86_64.rpm

−

$ tar xvf nessus.tar.gz

−

−

Download the rpm from http://www.nessus.org/download/nessus_download.php.

−

−

*32-bit: Nessus-4.4.0-fc14.i386.rpm (12103 KB)

−

*64-bit: Nessus-4.4.0-fc14.x86_64.rpm (12092 KB)

−

Move the rpm into in the nessus directory.

+

Move the RPM file into the {{ic|nessus}} directory (i.e. the directory you extracted the tarball's contents to).

−

$ cd nessus

+

Then, [[AUR#Installing_packages|build and install]] the package as usual.

−

$ mv ~/downloads/Nessus-4.4.0-fc14.x86_64.rpm .

−

−

Then, make (and install) the package:

−

−

$ makepkg -csi
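
Review bot: the added download step links the vendor page over plain http (http://tenable.com/products/nessus/nessus-download-agreement), although the package fetched from it is then built and installed; link the https form if the site serves it. The added file names also pin 5.2.1-fc16 in the same way the removed lines pinned 4.4.0-fc14, so consider wording this as "the RPM version the PKGBUILD expects" so the text does not need an edit on every release.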

==Post-installation setup==

==Post-installation setup==

−

Create an SSL certificate for the Nessus web interface:

Create an SSL certificate for the Nessus web interface:

−

# /opt/nessus/sbin/nessus-mkcert

+

{{bc|# /opt/nessus/sbin/nessus-mkcert}}

−

Register your email at http://nessus.org/register/ and wait for your key to be emailed to you. Then, download all the plugins from the feed with:

+

Register your email at http://www.tenable.com/products/nessus/nessus-plugins/obtain-an-activation-code and wait for your key to be emailed to you. Then, download all the plugins from the feed with:

+

{{bc|# /opt/nessus/bin/nessus-fetch --register <your key here>}}

−

# /opt/nessus/bin/nessus-fetch --register <your key here>

+

{{Note|If you are behind a proxy, you need to modify {{ic|/opt/nessus/etc/nessus/nessus-fetch.rc}}.}}

−

Create a Nessus admin user (unrelated to *nix style users):

+

Create a Nessus admin user (unrelated to Unix-style users):

−

+

{{bc|# /opt/nessus/sbin/nessus-adduser}}

−

# /opt/nessus/sbin/nessus-adduser
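
Review bot: the added proxy note names /opt/nessus/etc/nessus/nessus-fetch.rc but does not say what to change in it. List the settings to edit, or link to the vendor documentation for that file, and consider placing the note before the nessus-fetch --register command it applies to.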

==Usage==

==Usage==

−

Start the [[daemon]] just like any other:

+

The {{AUR|nessus}} package provides a {{ic|nessusd.service}} unit file, see [[systemd]] for details.

−

# /etc/rc.d/nessus start

+

Access the web interface at https://localhost:8834 and/or use the commandline interface ({{ic|/opt/nessus/bin/nessuscmd}}). In most browsers, you will need to manually accept the SSL certificate you created for the server.

−

−

Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/bin/nessuscmd).
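
Review bot: the added sentence "you will need to manually accept the SSL certificate" gives the reader no way to confirm that the certificate the browser shows is the one created by nessus-mkcert; suggest telling readers to compare the fingerprint before accepting it. The hunk also removes the explicit start command (# /etc/rc.d/nessus start) without a replacement, so a one-line example for starting nessusd.service would keep the section self-contained.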

==Removal==

==Removal==

−

+

The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually:

−

The package can be removed with pacman, but files created by nessus (such as the plugin database it downloads) must be removed manually:

Note: If you are behind a proxy, you need to modify /opt/nessus/etc/nessus/nessus-fetch.rc.

Create a Nessus admin user (unrelated to Unix-style users):

# /opt/nessus/sbin/nessus-adduser

==Usage==

The nessus (AUR) package provides a nessusd.service unit file, see systemd for details.

Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/bin/nessuscmd). In most browsers, you will need to manually accept the SSL certificate you created for the server.

==Removal==

The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually: